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POTHIER, Administrative Patent Judge. 

DECISION ON APPEAL 
STATEMENT OF THE CASE 
Appellants appeal under 35 U.S.C. § 134(a) from the Examiner's final 
rejection of claims 22-37. Claims 1-21 have been canceled. Br. 2. 1 We 
have jurisdiction under 35 U.S.C. § 6(b). We affirm. 



1 Throughout this opinion, we refer to the Appeal Brief filed February 23, 
2009, and the Examiner's Answer mailed June 15, 2009. 
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Invention 

Appellants' invention relates to a technique for authenticating code or 

data in protected environment. See Abstract. Claim 22 is reproduced below 

with the key disputed limitation emphasized: 

22. A secure processing system, comprising: 

a main processor unit (MPU) coupled to a processor bus; 
an attached processor complex (APC) coupled to the processor bus 
and comprising: 

a local store configured to store computer instructions and 
data; 

an attached processor unit (APU) coupled to the local store; 

wherein the APC is configured to receive commands from the 
MPU via the processor bus, to store a cryptographic master key, and 
to operate in a non-isolated state and an isolated state; and 

wherein in response to a LOAD command received from the MPU, 
the APC is configured to transition from the non-isolated state to the 
isolated state, to partition the local store into a general access section 
accessible by the MPU and an isolated section accessible only by the 
APU, to transfer a set of computer instructions or data into the isolated 
section of the local store, and to use the master key to extract and 
decrypt a portion of the computer instructions or data stored in the 
isolated section of the local store, thereby producing another 
cryptographic key. 

The Examiner relies on the following as evidence of unpatentability: 

Worley US 2002/0194389 Al Dec. 19,2002 

Smeets US 6,769,062 Bl July 27, 2004 

(filed Oct. 25, 2000) 
Ellison US 7,082,615 Bl July 25, 2006 

(filed Sept. 22, 2000) 

The Rejections 

1 . The Examiner rejected claims 22-27 and 29-36 under 35 U.S.C. 
§ 103(a) as unpatentable over Ellison and Smeets. Ans. 3-11. 
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2. The Examiner rejected claims 28 and 37 under 35 U.S. C. § 103(a) 
as unpatentable over Ellison, Smeets, and Worley. Ans. 11-14. 

THE OBVIOUSNESS REJECTION OVER ELLISON AND SMEETS 
Regarding representative claim 22, Appellants argue that Examiner 
has not demonstrated that the references teach creating a partition as recited 
and, in particular, creating the recited isolated section in response to a 
LOAD instruction. Br. 11, 14. Appellants contend that Ellison teaches 
away from creating such a partition, because Ellison's rings are perpetually 
partitioned into normal and isolated execution portions. Br. 13. Appellants 
also assert that the Examiner does not provide a reason why creating such a 
partition would be obvious. Br. 11. 

ISSUE 

Under § 103, has the Examiner erred by finding that Ellison and 
Smeets collectively would have taught or suggested, in response to a LOAD 
command received from the MPU, the APC is configured to partition the 
local store into a general access section accessible by the MPU and an 
isolated section accessible only by the APU? 

ANALYSIS 

Before we address what Ellison and Smeets teach, we construe a key 
disputed term of claim 1 or "partition." While Appellants do not define this 
term (see generally Specification), Appellants describe the load command 
partitions the local store (LS) 1 10 into a general access section 1 1 1 and an 
isolated section 112 (Spec. 7:8-10, 24-26; Fig. 1). We also find, when 
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consulting dictionaries for an ordinary meaning, that a "partition" includes 
"the act or process of diving into parts" 2 and "[a] logically distinct portion of 
memory or a storage device that functions as though it were a physically 
separate unit." 3 Thus, using these definitions as a verb, "to partition" 
includes to designate or divide sections of storage into logical parts. Further, 
in the context of claim 22, the recited APC configured to partition the logical 
store can be broadly construed to include the APC being configured to 
designate or divide storage sections logically into a general access section 
accessible by the MPU and an isolated section accessible only by the APU. 

The collective teachings of Ellison and Smeets teach or suggest such a 
configured APC. Ellison teaches a logical operating architecture 50 having 
two modes of operation (i.e., a normal execution mode and an isolated 
execution mode) and a processor nub loader 52 that operates only in the 
isolated execution mode. Col. 3, 11. 4-8; Fig. 1A. The isolated execution 
mode is initialized using a privileged instruction located in the processor 
along with the processor nub loader 52. Ans. 4 (citing col. 3, 11. 43-45); see 
also col. 4, 11. 63-65. Additionally, the processor nub loader 52 is a loader 
code that loads the processor nub 18 into an isolated area and is invoked by 
execution of an appropriate isolated instructions (e.g., Iso_init), which is 
transferred to the isolated area 70. Ans. 14-15 (citing col. 3, 11. 21-25, 
43-47); see also col. 6, 11. 49-51; Figs. 1B-C. 

Ellison thus teaches a load command (e.g., the privilege instruction 
which begins the process of loading the loader code and the isolated 
instruction invokes the loader 52 or loader code) being sent by the processor 

2 Webster's II New Riverside University Dictionary 857 (1994). 

3 Microsoft® Computer Dictionary 392 (5th ed. 2002). 
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or an MPU. In response to the load command, Ellison also discusses the 
system operates in an isolated execution mode where the isolated area 70 of 
the physical memory becomes accessible to certain elements of the operating 
system. See col. 4, 11. 12-14, 19-21; col. 5, 11. 1-10; col. 6, 11. 13-17; Figs. 
1B-C. The processor designates this storage section logically as an isolated 
section. See id. This contrasts with Ellison's normal execution mode where 
only the non-isolated areas 80 — not the isolated area 70 - are accessible and 
thus designated. See col. 3, 11. 26-31; col. 4, 11. 27-29; Fig. IB. Ellison 
therefore, teaches or suggests an APC configured to designate and divide 
storage logically into parts — a general access section (e.g., non-isolated area 
80) and an isolated section (e.g., isolated area 70) in response to a LOAD 
command and when operating in the isolated execution mode. 

Because the isolated areas 70's accessibility indicates whether 
Ellison's system is operating in a normal execution or an isolated execution 
mode, we also disagree with Appellants that the Examiner was wrong in 
discussing a command used to invoke the isolated execution state. See 
Br. 12. Also, even assuming without agreeing that Ellison's rings are 
perpetual (Br. 13), we do not find that Ellison teaches away from 
partitioning the local store in response to invoking the isolated execution 
mode or state (id.). That is, as explained above, Ellison teaches or suggests 
that the isolated area is made available to the specific components only when 
operating in the isolated execution mode or when the isolated mode is 
invoked by a load command. Thus, only when in this mode does Ellison 
provide accessibility and thus divides the local store (e.g., physical memory 
60) into two logical sections — a general access section (e.g., 80) and an 
isolated section (e.g., 70). 
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We further note that claim 22 requires not only that the APC is 
configured to partition into a general access section and an isolated section 
but also that is configured to partition into a general access section 
accessible by the MPU and an isolated section accessible only by the APU. 
The Examiner further relies on Smeets' disclosure, when combined with 
Ellison, to teach or suggest this entire recitation. See Ans. 4-5, 14-15. Also, 
while Appellants assert that Smeets fails to teach this limitation (see Br. 11), 
Appellants focus their arguments on Smeets failing to show an isolated 
section accessible only by the APU in response to a load command (see Br. 
14). As noted, the Examiner did not rely on Smeets for the partition feature. 

Specifically, the Examiner relies on Smeets to teach the concept of 
using separate processors for different applications, including using a secure 
processor for storing and obtaining private keys and digital signatures and 
for performing cryptographic calculations. See Ans. 5, 15 (citing col. 2, 
11. 2-5, 19-23; col. 3, 11. 18-20, 26-28, 58-60; Fig. 1). Ellison likewise 
teaches a nub 16, which is part of the isolated execution functions, obtains 
access to private keys and generates signatures. See col. 8, 11. 33-65. When 
these teachings are combined, they predictably yield no more than an 
ordinarily skilled artisan would have expected or designating storage into a 
general access section accessible by one processor (e.g., a MPU) and an 
isolated section accessible only by a secure processor (e.g., an APU) so as to 
secure and ensure the integrity of Ellison's system by securing private keys 
and signatures. See Ans. 5 (citing col. 1, 11. 44-50); see also KSR Int'l Co. v. 
Tele/lex Inc., 550 U.S. 398, 416-17 (2007). We therefore find, contrary to 
Appellants' assertion (Br. 1 1), that the Examiner has articulated a reason 
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with some rational underpinning to combine Ellison and Smeets and justifies 
a conclusion of obviousness. 

For the foregoing reasons, Appellants have not persuaded us of error 
in the rejection of independent claim 22 and claims 23-27 and 29-36 not 
separately argued with particularity (Br. 14). 

THE REMAINING OBVIOUSNESS REJECTION 
Regarding representative claim 28, Appellants repeat the argument 
that Ellison and Smeets fail to teach or suggest the same disputed "partition" 
limitation in connection with claim 22. Br. 15. We are not persuaded by for 
the reasons discussed above and need not address whether Worley cures any 
deficiency. See id. This argument also fails to persuasively rebut the 
Examiner's prima facie case of obviousness (Ans. 11-14) - a position we 
find reasonable. We therefore, sustain the rejection of claims 28 and 37 not 
separately argued (Br. 15). 

CONCLUSION 
The Examiner did not err in rejecting claims 22-37 under § 103. 

DECISION 

The Examiner's decision rejecting claims 22-37 is affirmed. 
No time period for taking any subsequent action in connection with 
this appeal may be extended under 37 C.F.R. § 1.136(a)(l)(iv). 

AFFIRMED 

babe 
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parrallaxing 

parrallaxing n. A 3-D animation technique, often used by 
computer game developers, where backgrounds are dis- 
played using different levels of speed to achieve realism. 
For example, distant levels move at a slower speed than 
closer levels, thereby giving tfc_ illusion of depth. See also 
animation. 

parse vb. To break input into smaller chunks so that a 
program can act upon the information, 
parser n. An application or device that breaks data into 
smaller chunks so that an application can act on the infor- 
mation. See also parse. 

partition n. 1. A logically distinct portion of memory or a 
storage device that functions as though it were a physi- • 
cally separate unit. 2, In database programming, a subset 



of a database table or file. 
Partition Boot Sector n. The first sector in the system 
(startup) partition of a computer's bootable hard disk, or 
the first sector of a bootable floppy disk. On an x86-based 
computer, the Partition Boot Sector is read into memory at 
startup by the Master Boot Record. It is the Partition Boot 
Sector that contains the instructions required to begin the 
process of loading and starting the computer's operating 
system. See also Master Boot Record, partition table, 
partition table n. A table of information in the first sec- 
tor of a computer's hard disk that tells where each parti- 
tion (discrete portion of storage) on the disk begins and 
ends. The physical locations are given as the beginning 
and ending head, sector, and cylinder numbers. In addition 
to these "addresses," the partition table identifies the type 
of file system used for each partition and identifies 
whether the partition is bootable — whether it can be used 
to start the computer. Although it is a small data structure, 
the partition table is a critical element on the hard disk, 
partnership n. The settings on a desktop computer and 
Windows CE device that allow information to be synchro- 
nized, as well as copied or moved between the computer 
and device. The mobile device can have partnerships with 
up to two desktop computers. See also synchronization 
(definition 6). 

Pascal n. A concise procedural language designed 
between 1967 and 1971 by Niklaus Wirth. Pascal, a com- 
piled, structured language built upon ALGOL, simplifies 
syntax while adding data types and structures such as 



, ' j , v .. . passive-matrix display 

subranges, enumerated data types, files, records, and sets. 
See also ALGOL, compiled language. Compare C. 
pASP n. See pocket Active Server Pages. 
pass 1 n. In programming, the carrying out of one com- 
plete sequence of events. 

pass 2 vb. To forward a piece of data from one part of a 
program to another. See also pass by address, pass by value, 
pass by address n. A means of passing an argument or 
parameter to a subroutine. The calling routine passes the 
address (memory location) of the parameter to the called 
routine, which can then use the address to retrieve or mod- 
ify the value of the parameter. Also called: pass by refer- 
ence. See also argument, call 1 . Compare pass by value, 
pass by reference n. See pass by address. J 
pass by value n. A means of passing an argument or a '.| 
parameter to a subroutine. A copy of the value of the aig-j * 
ment is created and passed to the called routine. When th|jj 
method is used, the called routine can modify the copy' 
the argument, but it cannot modify the original argument! 
See also argument, call 1 . Compare pass by address, 
passivation n. In Sun Microsystems's J2EE network 
form, the process of "turning off* an enterprise java b2j 
(EJB) by caching it from memory to secondary stora; " 
See also Enterprise JavaBeans, J2EE. Compare ; 
passive hub a A type of hub used on ARCnet 
that passes signals along but has no additional capab| 
See also ARCnet. Compare active hub, Intelligent hjS 
passive-matrix display n. An inexpensive, low-ref 
tion liquid crystal display (LCD) made from a largl 
of liquid crystal cells that are controlled by transif 
side of the display screen. One transistor controls, 
row or column of pixels. Passive-matrix displays, 
monly used in portable computers, such as laptop 
notebooks, because of their thin width. While the 
plays have good contrast for monochrome scrcen|| 
olution is weaker for color screens. These display 
difficult to view from any angle other than straij ' 
unlike active-matrix displays. However, compu| 
passive-matrix displays are considerably chea: 
those with active-matrix screens. See the illust 
called: dual-scan display. See also liquid cryst 
supertwist display, transistor, twisted nematic* 
Compare active-matrix display. 
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